CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-24673 |
Description: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in AyeCode Ltd Ketchup Shortcodes allows Stored XSS. This issue affects Ketchup Shortcodes: from n/a through 0.1.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24672 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CodePeople Form Builder CP allows SQL Injection. This issue affects Form Builder CP: from n/a through 1.2.41.
CVSS: HIGH (8.5) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24669 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SERPed SERPed.net allows SQL Injection. This issue affects SERPed.net: from n/a through 4.4.
CVSS: HIGH (8.5) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24668 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle PPOM for WooCommerce allows Stored XSS. This issue affects PPOM for WooCommerce: from n/a through 33.0.8.
CVSS: MEDIUM (5.9) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24666 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeIsle AI Chatbot for WordPress – Hyve Lite allows Stored XSS. This issue affects AI Chatbot for WordPress – Hyve Lite: from n/a through 1.2.2.
CVSS: MEDIUM (5.9) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24663 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tips and Tricks HQ, Ruhul Amin, Josh Lobe Simple Download Monitor allows Blind SQL Injection. This issue affects Simple Download Monitor: from n/a through 3.9.25.
CVSS: HIGH (7.6) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24659 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WordPress Download Manager Premium Packages allows Blind SQL Injection. This issue affects Premium Packages: from n/a through 5.9.6.
CVSS: HIGH (7.6) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24658 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joe Hawes Auction Nudge – Your eBay on Your Site allows Stored XSS. This issue affects Auction Nudge – Your eBay on Your Site: from n/a through 7.2.0.
CVSS: MEDIUM (5.9) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24657 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebToffee Wishlist for WooCommerce allows Stored XSS. This issue affects Wishlist for WooCommerce: from n/a through 2.1.2.
CVSS: MEDIUM (5.9) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|
|
CVE-2025-24652 |
Description: Missing Authorization vulnerability in Revmakx WP Duplicate – WordPress Migration Plugin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Duplicate – WordPress Migration Plugin: from n/a through 1.1.6.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
January 25th, 2025 (5 months ago)
|